PCI Compliance

PCI Compliance refers to adhering to the Payment Card Industry Data Security Standard (PCI DSS), a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. Established by the PCI Security Standards Council, which includes major credit card companies like Visa, MasterCard, American Express, Discover, and JCB, these standards aim to protect cardholder data from theft and fraud.

Key Aspects of PCI Compliance

  • Building and Maintaining a Secure Network: This involves installing and maintaining a firewall to protect cardholder data and not using vendor-supplied defaults for system passwords and other security parameters.
  • Protecting Cardholder Data: This includes encrypting transmission of cardholder data across open, public networks and protecting stored cardholder information.
  • Maintaining a Vulnerability Management Program: Regularly updating antivirus software and developing secure systems and applications are essential.
  • Implementing Strong Access Control Measures: Access to cardholder data should be restricted to only those who need it to perform their job, and physical access to cardholder data should also be limited.
  • Monitoring and Testing Networks: Regular monitoring and testing of networks are necessary to ensure that all security measures are working as intended.
  • Maintaining an Information Security Policy: Companies must maintain a policy that addresses information security for all personnel.
